kjkim
/
BSOne.SFC
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
BSOne.SFC/eCrmHE/EXE_bootone/SvcBs1Rcvr.pas

448 lines
13 KiB
Plaintext
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

unit SvcBs1Rcvr;
interface
uses
Winapi.Windows, Winapi.Messages, System.SysUtils, System.Classes,
Vcl.Graphics, Vcl.Controls, Vcl.SvcMgr, Vcl.Dialogs;
type
TSvBs1Rcvr = class(TService)
procedure ServicePause(Sender: TService; var Paused: Boolean);
procedure ServiceStop(Sender: TService; var Stopped: Boolean);
procedure ServiceExecute(Sender: TService);
private
{ Private declarations }
public
function GetServiceController: TServiceController; override;
{ Public declarations }
end;
function CreateEnvironmentBlock(var lpEnvironment: Pointer;
hToken: THandle;
bInherit: BOOL): BOOL; stdcall; external 'userenv.dll';
var
SvBs1Rcvr: TSvBs1Rcvr;
implementation
uses
{$IFDEF DEBUG}
Tocsg.Trace,
{$ENDIF}
Tocsg.Win32, GlobalDefine, Tocsg.Path, Tocsg.Process, Tocsg.Safe, Tocsg.WTS,
Tocsg.Kernel32, Tocsg.Shell, Tocsg.Service, Winapi.WinSvc, Tocsg.Registry;
{$R *.dfm}
function _ExecuteAppAsUser(dwFollowPID: DWORD; sPath, sParam: String; dwVisible: DWORD): TProcessInformation;
type
TOKEN_MANDATORY_LABEL = record
Label_: SID_AND_ATTRIBUTES;
end;
const
DEFWINSTATION = 'WinSta0';
DEFDESKTOP = 'Default';
WINLOGON = 'Winlogon';
SCREENSAVER = 'Screen-Saver';
WHITESPACE = ' '{SPACE}+chr(9){TAB}+chr(10){LF};
DOMUSERSEP = '\';
var
StartupInfo: TStartupInfo;
ProcessInfo: TProcessInformation;
dwCreateFlag: DWORD;
pEnvBlock: Pointer;
hProc, hToken, hNewToken: THandle;
TIL: TOKEN_MANDATORY_LABEL;
begin
ZeroMemory(@Result, SizeOf(Result));
ZeroMemory(@ProcessInfo, SizeOf(TProcessInformation));
ZeroMemory(@TIL, SizeOf(TIL));
hToken := 0;
hNewToken := 0;
if dwFollowPID = 0 then
begin
{$IFDEF DEBUG} TTgTrace.T('_ExecuteAppAsUser() .. FollowPID is null..'); {$ENDIF}
exit;
end;
// hProc := OpenProcess(PROCESS_ALL_ACCESS, false, dwFollowPID);
hProc := OpenProcess(MAXIMUM_ALLOWED, false, dwFollowPID);
if hProc = 0 then
begin
{$IFDEF DEBUG} TTgTrace.T('_ExecuteAppAsUser() .. OpenProcess() - Fail... Error=%d', [GetLastError]); {$ENDIF}
exit;
end;
try
// if OpenProcessToken(hProc, TOKEN_ASSIGN_PRIMARY or TOKEN_DUPLICATE, hToken) then
if OpenProcessToken(hProc, MAXIMUM_ALLOWED, hToken) then
begin
// if DuplicateTokenEx(hToken, TOKEN_ASSIGN_PRIMARY or TOKEN_ALL_ACCESS, nil,
if DuplicateTokenEx(hToken, MAXIMUM_ALLOWED, nil,
SecurityImpersonation, TokenPrimary, hNewToken) then
begin
ZeroMemory(@StartupInfo, SizeOf(StartupInfo));
StartupInfo.cb := Sizeof(StartupInfo);
StartupInfo.lpDesktop := DEFWINSTATION + '\' + DEFDESKTOP;
// StartupInfo.dwFlags := STARTF_USESHOWWINDOW or STARTF_USEPOSITION; // SW_HIDE<44><45><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD> <20><>Ű<EFBFBD><C5B0><EFBFBD><EFBFBD> <20>̰<EFBFBD> Ȱ<><C8B0>ȭ <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20>Ѵ<EFBFBD> (<28>뼺 ã<><C3A3>) 15_0521 sunk
StartupInfo.wShowWindow := dwVisible;
dwCreateFlag := NORMAL_PRIORITY_CLASS or CREATE_NEW_CONSOLE;
pEnvBlock := nil;
CreateEnvironmentBlock(pEnvBlock, hNewToken, true);
if pEnvBlock <> nil then
dwCreateFlag := dwCreateFlag or CREATE_UNICODE_ENVIRONMENT;
if CreateProcessAsUserW(hNewToken,
nil,//PWideChar(ExtractFileName(sPath)),
PWideChar(Format('"%s" %s', [sPath, sParam])),
nil,
nil,
false,
dwCreateFlag,
pEnvBlock,
nil,//PWideChar(ExtractFilePath(sPath)),
StartupInfo,
ProcessInfo) then
begin
Result := ProcessInfo;
end else
{$IFDEF DEBUG} TTgTrace.T('_ExecuteAppAsUser() .. CreateProcessAsUserW() - Fail... Error=%d', [GetLastError]); {$ENDIF}
end;
end else
{$IFDEF DEBUG} TTgTrace.T('_ExecuteAppAsUser() .. OpenProcessToken() - Fail... Error=%d', [GetLastError]); {$ENDIF}
finally
if hToken <> 0 then
CLoseHandle(hToken);
if hNewToken <> 0 then
CloseHandle(hNewToken);
if hProc <> 0 then
CloseHandle(hProc);
end;
end;
procedure ServiceController(CtrlCode: DWord); stdcall;
begin
SvBs1Rcvr.Controller(CtrlCode);
end;
function TSvBs1Rcvr.GetServiceController: TServiceController;
begin
Result := ServiceController;
end;
procedure TSvBs1Rcvr.ServiceExecute(Sender: TService);
var
sAPath,
sWPath,
sCurDir,
sRunParam,
sRunAsModule: String;
bExeBeforeSleep: Boolean;
dwExeTerm: DWORD;
// bFailExeTrust: Boolean;
nFailExeTrustCnt: Integer;
function ExecuteAgent(dwOwnerPid: DWORD): Boolean;
var
t: Integer;
sTrustedInstExe: String;
begin
Result := false;
if FileExists(sWPath) then
begin
dwExeTerm := GetTickCount;
if not DeleteFile(sWPath) then
begin
SetFileAttributes(PChar(sWPath), FILE_ATTRIBUTE_NORMAL);
DeleteFile(sWPath);
end;
exit;
end else
if dwExeTerm <> 0 then
begin
if (GetTickCount - dwExeTerm) < 10000 then
exit;
dwExeTerm := 0;
end;
if bExeBeforeSleep then
begin
bExeBeforeSleep := false;
Sleep(3000);
end;
sTrustedInstExe := sCurDir + DIR_CONF + EXE_TRUST;
// cmd â<><C3A2> <20><><EFBFBD>Դ<EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> HEC<45><43><EFBFBD><EFBFBD> <20><><EFBFBD>ſ<EFBFBD>û<EFBFBD><C3BB> 23_1208 13:56:30 kku
if (nFailExeTrustCnt < 3) and FileExists(sTrustedInstExe) then
begin
// -U:[ Option ] Create a process with specified user option.
// Available options:
// T TrustedInstaller
// S System
// C Current User
// E Current User (Elevated)
// P Current Process
// D Current Process (Drop right)
// PS: This is a mandatory parameter.
// -UseCurrentConsole - X <20>ƹ<EFBFBD><C6B9><EFBFBD><EFBFBD><EFBFBD> cmd<6D><64> <20><><EFBFBD><EFBFBD> <20><><EFBFBD>Ѿ<EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20>Ķ<EFBFBD><C4B6><EFBFBD><EFBFBD>Ͱ<EFBFBD> <20>ʹ<EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD>.
Inc(nFailExeTrustCnt);
sRunParam := UpperCase(GetRegValueAsString(HKEY_LOCAL_MACHINE, 'SYSTEM\ControlSet001\Services\SvcCrmHe', 'EA'));
if sRunParam = 'ADMIN' then
sRunParam := Format('-U:E -P:E "%s"', [sAPath])
else if sRunParam = 'USER' then
sRunParam := Format('-U:C -P:E "%s"', [sAPath])
else
sRunParam := Format('-U:T -P:E "%s"', [sAPath]);
ExecutePath_hide(sTrustedInstExe, sRunParam);
// ExecutePath_hide(sTrustedInstExe, Format('-U:E -P:E "%s"', [sAPath]));
t := 0;
while t < 10 do
begin
if MutexExists(MUTEX_AGENT) then
begin
nFailExeTrustCnt := 0;
Result := true;
exit;
end;
Sleep(500);
Inc(t);
end;
// if _ExecuteAppAsUser(dwOwnerPid, sTrustedInstExe, Format('-U:T -P:E "%s"', [sAPath]), SW_HIDE).dwProcessId <> 0 then
// begin
// {$IFDEF DEBUG} TTgTrace.T('ServiceExecute() .. No Agent Mutext .. RunAsModule=%s .. Success!!', [sRunAsModule]); {$ENDIF}
// Sleep(2000);
// end else begin
// {$IFDEF DEBUG} TTgTrace.T('ServiceExecute() .. No Agent Mutext .. RunAsModule=%s .. Fail..... _ExecuteAppAsUser()', [sRunAsModule]); {$ENDIF}
// bFailExeTrust := true;
// end;
end else
begin
// if _ExecuteAppAsUser(dwOwnerPid, sAPath, Format('/wlid %d', [dwOwnerPid]), SW_HIDE).dwProcessId <> 0 then
// if ExecuteApp(sAPath, '', SW_SHOWNORMAL).dwProcessId <> 0 then // Ʈ<><C6AE><EFBFBD><EFBFBD> <20>ȳ<EFBFBD><C8B3><EFBFBD>
if _ExecuteAppAsUser(dwOwnerPid, sAPath, '', SW_SHOWNORMAL).dwProcessId <> 0 then
begin
t := 0;
while t < 10 do
begin
if MutexExists(MUTEX_AGENT) then
begin
nFailExeTrustCnt := 0;
Result := true;
exit;
end;
Sleep(500);
Inc(t);
end;
if Result then
begin
{$IFDEF DEBUG} TTgTrace.T('ServiceExecute() .. No Agent Mutext .. RunAsModule=%s .. Success!!', [sRunAsModule]); {$ENDIF}
Sleep(2000);
end;
end else begin
{$IFDEF DEBUG} TTgTrace.T('ServiceExecute() .. No Agent Mutext .. RunAsModule=%s .. Fail..... _ExecuteAppAsUser()', [sRunAsModule]); {$ENDIF}
end;
end;
// t := 0;
// while t < 6 do
// begin
// if MutexExists(MUTEX_AGENT) then
// begin
// Result := true;
// exit;
// end;
//
// Sleep(500);
// Inc(t);
// end;
{$IFDEF DEBUG} TTgTrace.T('ServiceExecute() .. No Agent Mutex .. check timeover .. '); {$ENDIF}
end;
function LoadWinlogonPidInfo(nCid: Integer = -1): Boolean;
// var
// sPath: String;
// O: ISuperObject;
// ss: TStringStream;
// fs: TFileStream;
// dwPid: DWORD;
begin
// Result := false;
//
// TSunkTrace.T('ServiceExecute() .. LoadWinlogonPidInfo() .. ');
// sPath := GetCurrentPathDir + NAME_WLID;
// if nCid <> -1 then
// sPath := sPath + IntToStr(nCid);
// sPath := sPath + '.dat';
//
// if FileExists(sPath) then
// begin
// try
// fs := TFileStream.Create(sPath, fmOpenRead or fmShareDenyNone);
// ss := TStringStream.Create('', TEncoding.UTF8);
// enc := TSunkEncrypt.Create(PASS_CONNECTION_INFO);
// try
// if enc.DecryptStream(fs, ss) then
// begin
// O := SO(ss.DataString);
// dwPid := O.I['wlid'];
// Result := ExecuteAgent(dwPid, nCid);
// TSunkTrace.T('ServiceExecute() .. LoadWinlogonPidInfo() .. %s',
// [BooleanToString(Result, 'ok', 'fail')]);
// end;
// finally
// enc.Free;
// ss.Free;
// fs.Free;
//
// DeleteFile(sPath);
// end;
// except
// // <20><><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD>(<28><><EFBFBD><EFBFBD>ũ<EFBFBD><C5A9> <20><><EFBFBD><EFBFBD> <20><> <20><><EFBFBD><EFBFBD> <20><>Ȳ<EFBFBD><C8B2>)
// end;
// end;
end;
var
PIDList: TProcessIdList;
WTSInfo: TTgWTSSessionInfomation;
dwWinLogonSsId,
dwExecuteAsPid: DWORD;
sAccount: String;
i: Integer;
Mtx: TTgMutex;
begin
// bFailExeTrust := false;
nFailExeTrustCnt := 0;
dwExeTerm := 0;
bExeBeforeSleep := false;
Mtx := nil;
if not MutexExists(MUTEX_SERVICE) then
begin
Mtx := TTgMutex.Create(MUTEX_SERVICE);
if Mtx.MutexState <> msCreateOk then
exit;
end;
{$IFDEF DEBUG} TTgTrace.T('ServiceExecute() .. Begin'); {$ENDIF}
Guard(WTSInfo, TTgWTSSessionInfomation.Create);
Guard(PIDList, TProcessIdList.Create);
sCurDir := GetRunExePathDir;
sAPath := sCurDir + EXE_HE;
if not FileExists(sAPath) then
begin
sCurDir := GetProgramFilesDir + DIR_HE;
sAPath := sCurDir + EXE_HE;
end;
{$IFDEF DEBUG} TTgTrace.T('APath="%s"', [sAPath]); {$ENDIF}
sWPath := ExtractFilePath(sAPath) + BYE_ENDSESSION;
try
while not Terminated do
begin
if MutexExists(MUTEX_KILL) then
begin
{$IFDEF DEBUG} TTgTrace.T('Found .. MUTEX_KILL!!'); {$ENDIF}
ServiceThread.Terminate;
exit;
end;
if FileExists(sAPath) then
begin
if not MutexExists(MUTEX_AGENT) then
begin
{$IFDEF DEBUG} TTgTrace.T('ServiceExecute() .. No Agent Mutext'); {$ENDIF}
// if LoadWinlogonPidInfo then
// continue;
// explorer.exe <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD>α׷<CEB1> <20><><EFBFBD><EFBFBD><EFBFBD>ϸ<EFBFBD> Ʈ<><C6AE><EFBFBD>̰<EFBFBD> <20>Ȼ<EFBFBD><C8BB>ܼ<EFBFBD>
// <20><><EFBFBD><EFBFBD><EFBFBD>Ȱ<EFBFBD> Ȯ<><C8AE><EFBFBD>ϰ<EFBFBD> <20>õ<EFBFBD><C3B5>Ѵ<EFBFBD> 22_0502 14:21:30 kku
if GetProcessPidByName('explorer.exe') <> 0 then
begin
dwExecuteAsPid := 0;
case GetProcessPidsByName('winlogon.exe', PIDList) of
0 : sRunAsModule := 'explorer.exe';
1 : sRunAsModule := 'winlogon.exe';
else
begin
sRunAsModule := 'winlogon.exe';
WTSInfo.UpdateSessionInfo;
for i := 0 to PIDList.Count - 1 do
if ProcessIdToSessionId(PIDList[i], dwWinLogonSsId) then
begin
sAccount := WTSInfo.GetUserNameBySsid(dwWinLogonSsId);
if (sAccount <> '') and
(UpperCase(sAccount) <> 'SYSTEM') and
(UpperCase(sAccount) <> 'CONSOLE') then
begin
dwExecuteAsPid := PIDList[i];
break;
end;
end;
end;
end;
{$IFDEF DEBUG} TTgTrace.T('ServiceExecute() .. No Agent Mutext .. RunAsModule=%s', [sRunAsModule]); {$ENDIF}
// dwExecuteAsPid := GetProcessPidByName('TrustedInstaller.exe');
if dwExecuteAsPid = 0 then
dwExecuteAsPid := GetProcessPidByName(sRunAsModule);
if dwExecuteAsPid <> 0 then
ExecuteAgent(dwExecuteAsPid);
end else
bExeBeforeSleep := true;
end;
end;
WaitForSingleObject(ServiceThread.Handle, 500);
Sleep(500);
ServiceThread.ProcessRequests(false);
end;
finally
{$IFDEF DEBUG} TTgTrace.T('ServiceExecute() .. End'); {$ENDIF}
if Mtx <> nil then
FreeAndNil(Mtx);
end;
end;
procedure TSvBs1Rcvr.ServicePause(Sender: TService; var Paused: Boolean);
begin
{$IFDEF DEBUG}
Paused := true;
{$ELSE}
Paused := MutexExists(MUTEX_KILL);
{$ENDIF}
end;
procedure TSvBs1Rcvr.ServiceStop(Sender: TService; var Stopped: Boolean);
begin
{$IFDEF DEBUG}
Stopped := true;
{$ELSE}
Stopped := MutexExists(MUTEX_KILL);
{$ENDIF}
end;
end.
Reference in New Issue View Git Blame Copy Permalink